Wiz's Computer and Website Security Blog

I am posting this for my viewers who use Apple's Mac operating systems, the percentage of which is not declining ;-)

Apple released Security Update 2006-007 in various versions. The update is available via Software Update and also as standalone installers.

Security Update 2006-007 is recommended for all users and improves the security of the following components:

- AirPort
- ATS
- CFNetwork
- Finder
- Font Book
- Font Importer
- Installer
- OpenSSL
- PHP
- PPP
- Samba
- Security Framework
- VPN
- WebKit
- gnuzip

About the security content of Security Update 2006-007:
http://docs.info.apple.com/article.html?artnum=304829

Standalone Installers:
. Security Update 2006-007 (10.3.9 Client): Security Update 2006-007
is recommended for all users (33MB)
http://www.apple.com/support/downloads/securityupdate20060071039client.html

. Security Update 2006-007 (10.3.9 Server): Security Update 2006-007
is recommended for all servers (46MB)
http://www.apple.com/support/downloads/securityupdate20060071039server.html

. Security Update 2006-007 (10.4.8 Client Intel): Security Update
2006-007 is recommended for all users (23MB)
http://www.apple.com/support/downloads/securityupdate20060071048clientintel.html

. Security Update 2006-007 (10.4.8 Client PPC): Security Update
2006-007 is recommended for all users (11MB)
http://www.apple.com/support/downloads/securityupdate20060071048clientppc.html

. Security Update 2006-007 (10.4.8 Server PPC): Security Update
2006-007 is recommended for all servers (12MB)
http://www.apple.com/support/downloads/securityupdate20060071048serverppc.html

. Security Update 2006-007 (10.4.8 Server Universal): Security Update
2006-007 is recommended for all servers (25MB)
http://www.apple.com/support/downloads/securityupdate20060071048serveruniversal.html

Posted by Wiz at 6:20 PM | Permalink

Get Norton 360 Version - All In One Security. Comprehensive, easy to use, all around protection for your computer, your browsers, your identity and your files! Read about the key features of Norton 360 Version.

back to top ^

Ad-Aware Personal provides advanced protection from known data-mining, aggressive advertising, Trojans, dialers, malware, browser hijackers, and tracking components. This software is downloadable free of charge.

Anti Spyware/Adware program Ad-Aware, by Lavasoft has had it's definition file updated. Users of the free version should check for and install the new definitions manually.

Detections Removed:
SpyNoMore has been removed because the probation time has expired without further incident.

Updated definitions:
=====================
AdBlaster +2
Adware.Adhelper +5
Adware.BHO(generic) +3
Adware.NewWeb +2
Adware.Searchcolours +2
Lop +4
PurityScan +3
SpyAgent +2
TVMedia
Win32.Backdoor.Agent +6
Win32.Backdoor.PcClient
Win32.Backdoor.SDBot
Win32.Bagle.B
Win32.Dialer.Trojan +3
Win32.Generic.PWS +31
Win32.Trojan.Agent +9
Win32.Trojan.Downloader +25
Win32.Trojan.Klone
Win32.Trojan.MatrixHasYou +11
Win32.Trojan.Qhost +3
Win32.Trojan.SDBot
Win32.Trojan.Small +2
Win32.Trojan.Spambot +7
Win32.Trojan.Spy +2
Win32.Trojan.StartPage
Win32.TrojanClicker
Win32.TrojanDownloader.Agent +9
Win32.TrojanDownloader.Delf
Win32.TrojanDownloader.Small +2
Win32.TrojanDownloader.VB +3
Win32.Trojandownloader.Zlob +1578
Win32.TrojanDropper +3
Win32.TrojanProxy.Agent.dl +3
Win32.Trojan-PSW.Lineage +18
Win32.TrojanSpy.Banker +25
Win32.Worm.Warezov +5
Win32.Worm.Viking +7
Virtumonde +4
Zango

MD5 checksum is c0f5033fa432381818476a7b39a15684
============================================
You can use Webupdate to install the new reference file, or download
it manually from: http://download.lavasoft.de.edgesuite.net/public/defs.zip

Download the current version of Ad-Aware here: http://www.download.com/3405-8022-5153545.html

See all security program update notices in this catagory

Posted by Wiz at 6:04 PM | Permalink

Get Norton 360 Version - All In One Security. Comprehensive, easy to use, all around protection for your computer, your browsers, your identity and your files! Read about the key features of Norton 360 Version.

back to top ^

World reknowned anti-spyware program - Spybot Search and Destroy - was updated with new spyware definition files. If you use this program be sure to run manual updates as soon as possible.

If you see a program listed in these detections by name you should assume that is is malware. Update your Spybot Search and Destroy definitions, then scan for and fix any malware that is detected.

Spybot Search and Destroy (Multi-Lingual Landing Page. Choose your language).

2006-11-24 Updates

Adware
+ NSIS Media Extension + Zippy

Dialer
+ Carima Enterprises

Hijacker
+ CoolWWWSearch.008k + CoolWWWSearch.Aff.Winshow + CoolWWWSearch.Dreplace + CoolWWWSearch.Leftovers + CoolWWWSearch ++ GJeans30 + HotsearchBar + QuickNavigate

Malware
+ ClickConsulting + DeepDive + Dropper.ragger + ErrorSafe + ISearchTech.IstDownloader + RegiFast + Smitfraud-C. + SpySheriff + Vcodec.Intcodec + Winsoftware.WinAntiSpyware2006

PUPS
+ DriveCleaner 2006 + Zango

Spyware
+ Adware.IEPageHelper + ClientMan

Trojan
+ Adir.Wget + CoolWWWSearch.GonnaSearch (2) + Dadobra + Fraud.ProtectionBar + MovieLand ++ PSLister + Smitfraud-C. (5) + Win32.Delf.aml + XPreload + Zlob.FreeVideo.DVDCodec + Zlob.EliteCodec + Zlob.PornPassManager + Zlob.QualityCodec + Zlob.TrueCodec + Zlob.VidCodec (2) + Zlob.VideoKeyCodec

Total: 334918 fingerprints in 53285 rules for 2474 products.

English Language Company Links:
Spybot Search and Destroy Home Page
Spybot Search and Destroy Download page - Program and definition updates.
Full tutorial about using and setting up Spybot Search and Destroy
Spybot Search and Destroy Update History

See all security program update notices in this catagory

Posted by Wiz at 1:22 PM | Permalink

Get Norton 360 Version - All In One Security. Comprehensive, easy to use, all around protection for your computer, your browsers, your identity and your files! Read about the key features of Norton 360 Version.

back to top ^

Ad-Aware Personal provides advanced protection from known data-mining, aggressive advertising, Trojans, dialers, malware, browser hijackers, and tracking components. This software is downloadable free of charge.

Anti Spyware/Adware program Ad-Aware, by Lavasoft has had it's definition file updated on November 20, 2006. Users of the free version should check for and install the new definitions manually.

Current Definition File:
SE1R129 20.11.2006

Updated Definitions:
========================
Adware +4
Adware.Adhelper +4
Adware.BHO(generic)
Adware.CasClient +6
Adware.DesktopMedia
Adware.DollarRevenue +7
Adware.Henbang
Adware.IEHlpr +6
Adware.NewWeb +7
Adware.VB +6
Adware.ZenoSearch +4
BookedSpace +3
CnsMin +3
Dialer +2
Lop +3
PurityScan +4
Softomate Toolbar
SpywareSheriff +2
Virtumonde
VirusBurst +5
Win32.Backdoor.Agent +6
Win32.Backdoor.RBot +3
Win32.Backdoor.SDBot
Win32.Dialer.Trojan
Win32.Generic.PWS +2
Win32.Trojan.Agent +7
Win32.Trojan.Downloader +32
Win32.Trojan.Kolweb +4
Win32.Trojan.MatrixHasYou +14
Win32.Trojan.Mirc +4
Win32.Trojan.Spambot +6
Win32.Trojan.Spy
Win32.TrojanDownloader.Agent +7
Win32.TrojanDownloader.Delf +5
Win32.TrojanDownloader.Tibs
Win32.TrojanDropper
Win32.TrojanProxy.Agent.dl +5
Win32.Trojan-PSW.Lineage +2
Win32.Worm.Warezov +3

The MD5 checksum for the defs.ref file is 3ecee36bbddbecddd2fc0775e1f462c9
============================================
You can use Webupdate to install the new reference file, or download
it manually from: http://download.lavasoft.de.edgesuite.net/public/defs.zip

Download the current version of Ad-Aware here: http://www.download.com/3405-8022-5153545.html

See all security program update notices in this catagory

Posted by Wiz at 1:36 PM | Permalink

Get Norton 360 Version - All In One Security. Comprehensive, easy to use, all around protection for your computer, your browsers, your identity and your files! Read about the key features of Norton 360 Version.

back to top ^

World reknowned anti-spyware program - Spybot Search and Destroy - was updated with new spyware definition files. If you use this program be sure to run manual updates as soon as possible.

If you see a program listed in these detections by name you should assume that is is malware. Update your Spybot Search and Destroy definitions, then scan for and fix any malware that is detected.

Spybot Search and Destroy (Multi-Lingual Landing Page. Choose your language).

2006-11-17 Updates

Adware
+ NSIS Media Extension + RooGoo

Dialer
+ Creazione + NetTechnology.Inc

Keylogger
+ AdvancedKeylogger

Malware
+ AdCom + Batty + Command Service (3) + DyFuCA.InternetOptimizer + Elitum.Elitebar.Pokapoka + Look2Me + Mailbot + MediaMotor (2) + Mirar + PSCastor + RazeSpyware + SaferSurfing + Smitfraud-C. (7) + Smitfraud-C.Deskbar + Smitfraud-C.Toolbar888 + Vcodec + WebQuick + ZenoSearch ++ Zlob.VidCodec (2)

PUPS
+ AntiverminsPro + Deskbar + MalwareWipe + YazzleSudoku + Zango

Spyware
+ eZula HotText

Trojan
+ BraveSentry + BugsPrey + Busky.Gen + Clicker.Small.Jf + CoolWWWSearch.GonnaSearch + Downloader.Small.Dgk + Kelvir + PassiveTerror + TagASaurus (2) + Tibs.vq + Win32.AdvertMen + Win32.Agent.hl + Win32.Lager.aq + Win32.Limar + Win32.Small.doh +
Win32.VB.aua + XPreload ++ Zlob.FreeVideo.DVDCodec ++ Zlob.IVideoCodec (2) + Zlob.MMediaCodec + Zlob.PornPassManager ++ Zlob.PowerCodec

Total: 333535 fingerprints in 52845 rules for 2445 products.

English Language Company Links:
Spybot Search and Destroy Home Page
Spybot Search and Destroy Download page - Program and definition updates.
Full tutorial about using and setting up Spybot Search and Destroy
Spybot Search and Destroy Update History

See all security program update notices in this catagory

Posted by Wiz at 1:45 PM | Permalink

Get Norton 360 Version - All In One Security. Comprehensive, easy to use, all around protection for your computer, your browsers, your identity and your files! Read about the key features of Norton 360 Version.

back to top ^

My regular readers know that I use and promote the email screening program - MailWasher Pro. This inexpensive program screens incoming email for threats or spam, using a combination of blacklists, blocklists, user-reported known spam, "Bayesian" learning filters and best of all, user configurable filter rules. The user filters in MailWasher Pro allow for matching positive or negative words and Regular Expressions and are capable of detecting just about any known type of spam trick that exists, by employing the correct combinations of test conditions.

In my last Blog entry about MailWasher Pro I mentioned that I have developed custom filters to detect and delete image spam with garbage text. This spam is quite prevalent now and is entirely sent from tens of thousands of compromised home and office computers, that have been involuntarily drafted into BotNets, by spammers. Bothered by this senseless spam, mostly for investment stocks, I developed a group of filters that recognize variations of this crap and delete it automatically, without me ever having to see it. I have been fine-tuning my image spam filters to catch variations of the original coding, which is changing every week or two.

A few days ago I was reading new posts on the MailWasher Pro Forum at CastleCops, when I came across a topic where the OP (original poster) was looking for help to block these very image spam messages. I answered with a link to my online copy of my MailWasher Pro filters and made a few people very happy with the solution to this type of spam. Since spammers' techniques change frequently, I have been updating my filters to meet those changes, and posting news in a thread that now has my name in the Title. Additionally, I have been further honored by having my filters linked to in the MailWasher Wiki, on CastleCops.com.

If you are troubled by spam, whether in words or images, and are looking for a way to detect and delete it, without having to read it again, try MailWasher Pro. It is free to try for 30 days and only costs $37.00 USD to register, with free updates for life. You can learn more about MailWasher Pro here. There are links on that page to view my custom filters.

Posted by Wiz at 5:37 PM | Permalink

Get Norton 360 Version - All In One Security. Comprehensive, easy to use, all around protection for your computer, your browsers, your identity and your files! Read about the key features of Norton 360 Version.

back to top ^

If you receive a popup message similar to this:

INTERNET SECURITY CENTER: "YOUR MACHINE MAY BE INFECTED BY THE BLOODHOUND VIRUS,"

WinAntiVirusPro2006/2007 is part of the infection that popped up the notice in the first place. While your computer may indeed be infected with viruses and/or spyware, that program will not remove them. Get an authentic anti virus program to remove real threats (see list below).

To remove this threat you should download and install a spyware removal program, like Spyware Doctor, or Spybot Search and Destroy. Search for and download all available updates, then scan for and fix any problems found. You may probably have to reboot and let the anti spyware program run again before the Windows Desktop loads, to finish the removal process, or even have to reboot into Safe Mode. These sleazeware infections do not let go easily.

If you try removing the WinAntiVirusPro2006/2007 infection with Spybot S & D, and it is unsuccessful in removing this or other threats from your PC, visit the Spybot Search & Destroy Malware Removal Forum for help.

Some Legitimate Anti Virus and Anti Spyware Programs:

PC Tools Spyware Doctor

Webroot Spy Sweeper

Kaspersky Anti Virus

Trend Micro PC-cillin Internet Security

Updated on April 7, 2007, to include WinAntiVirusPro2007 parasite in details.

Posted by Wiz at 11:53 AM | Permalink

Get Norton 360 Version - All In One Security. Comprehensive, easy to use, all around protection for your computer, your browsers, your identity and your files! Read about the key features of Norton 360 Version.

back to top ^